· When a user navigates to one of the Web Forms pages from his or her browser, the following sequence occurs:
1. IIS starts the Web application' s executable if it is not already running.
2. The executable composes a response to the user based on the content of the Web Forms page that the user requested and any program logic that provides dynamic content.
3. IIS returns the response to the user in the form of HTML.
· Applications that run under the CLR are called managed code, because the CLR takes care of many of the tasks that would have formerly been handled in the application' s executable itself. Managed code solves the Windows programming problems of component registration and versioning (sometimes called DLL Hell) because the assembly contains all the versioning and type information that the CLR needs to run the application.
· When you build a Web Forms project, Visual Studio .NET compiles all of the source code into an executable (DLL) and places that file in a /bin directory. The appearance portion of your application remains as .aspx and .html files.
· Web Form Events:
| Page_Init | The server controls are loaded and initialized from the Web form' s view state. |
| Page_Load | The server controls are loaded on the Page object. View state information is available at this point, so this is where you put code to change control settings or display text on the page. |
| Page_PreRender | The application is about to render the Page object. |
| Page_Unload | The page is unloaded from memory. |
· Server Controls Events:
The validations controls are evaluated before the page is posted back to the server. When the page is posted back, the Page_Init and Page_Load events are handled, then cached events are handled, and finally the event that caused the post-back is processed.
· IIS gives you three options for how the server will run your Web application:
- In-process with IIS (Inetinfo.exe): This option increases performance because all calls are made in-process; however, it offers no protection. If an application fails, it can corrupt memory and affect Inetinfo.exe, as well as other applications running in-process.
- Pooled with other Web application processes in DLLHost.exe: This is the default option and it provides a balance between protection and performance. If an application fails, it can affect other applications in the pool, but it will not affect Inetinfo.exe.
- Isolated in its own instance of DLLHost.exe: Isolated applications are protected from affecting or being affected by problems in other applications. However, calls to other applications must cross process boundaries, and this affects performance.
· Level Of Access For Classes
| Visual Basic | Visual C# | Available to |
| Public | public | All members in all classes and projects. |
| Friend | internal | All members in the current project. |
| Protected | protected | All members in the current class and in derived classes. Can be used only in member definitions, not for class or module definitions. |
| Protected Friend | protected internal | All members in the current class and in derived classes in the current project. Can be used only in member definitions, not for class or module definitions. |
| Private | private | Available only in the current class. |
· Overview Of The Inheritance Keywords
| Visual Basic | Visual C# | Use to |
| Inherits | derivedclass : baseclass | Base one class on another, inheriting members from the base class. |
| Overridable | virtual | Declare that a member of the base class can be overridden in a derived class. |
| Overrides | override | Declare that a member of a derived class overrides the member of the same name in the base class. |
| Shadows | new | Declare that a member of a derived class hides the member of the same name in the base class. |
| MustInherit | abstract | Declare that a class provides a template for derived classes. This type of class is called an abstract class, and it cannot be instantiated. |
| MustOverride | abstract | Declare that a member of a class provides a template for derived members. This type of member is called an abstract member and it cannot be invoked. |
| MyBase | base | Call a base class member from within the derived class. |
| Me | this | Call a member of the current instance of a class. |
| Interface | interface | Create an interface that defines the members a class must provide. |
| Implements | classname : interfacename | Use an interface definition in a class. |
· The difference between abstract class and interface is that, interfaces don' t provide any implementation of class members, whereas abstract classes can implement members that then become common to all the classes derived from them. Items defined in the interface must exist in any class that implements the interface. If you omit any member, Visual Studio generates a compile-time error.
· ASP.NET provides the following ways to retain variables between requests:
- Query strings: Use these to pass information between requests and responses as part of the Web address. Query strings are visible to the user, so they should not contain secure information such as passwords.
- Cookies: Use cookies to store small amounts of information on a client. Clients might refuse cookies, so your code has to anticipate that possibility.
- View state: ASP.NET stores items added to a page' s ViewState property as hidden fields on the page.
- Session state: Use Session state variables to store items that you want keep local to the current session (single user).
- Application state: Use Application state variables to store items that you want to available to all users of the application.
· Application state variables are available throughout the current process, but not across processes. If an application is scaled to run on multiple servers or on multiple processors within a server, each process has its own Application state.
· ASP .Net Validation Controls
| Validation control | Use to |
| RequiredFieldValidator | Check if a control contains data |
| CompareValidator | Check if an entered item matches an entry in another control |
| RangeValidator | Check if an entered item is between two values |
| RegularExpressionValidator | Check if an entered item matches a specified format |
| CustomValidator | Check the validity of an entered item using a client-side script or a server-side code, or both |
| ValidationSummary | Display validation errors in a central location or display a general validation error description |
· To let the user cancel validation, provide a Submit HTML control that sets the Page_ValidationActive attribute to false.
· Navigating Between Pages:
| Navigation method | Use to |
| Hyperlink control | Navigate to another page. |
| Response.Redirect method | Navigate to another page from code. This is equivalent to clicking a hyperlink. |
| Server.Transfer method | End the current Web form and begin executing a new Web form. This method works only when navigating to a Web Forms page (.aspx). Setting the Transfer method' s preserveForm argument to True makes the form' s QueryString, ViewState, and event procedure information available in the destination form. To use the Transfer method with preserveForm set to True, you must first set the EnableViewStateMac attribute in the Web form' s Page directive to False. By default, ASP.NET hashes ViewState information, and setting this attribute to False disables that hashing so the information can be read on the subsequent Web form. Use the Request object' s Form method to retrieve the ViewState information from the source Web form. |
| Server.Execute method | Begin executing a new Web form while still displaying the current Web form. The contents of both forms are combined. This method works only when navigating to a Web Forms page (.aspx). When you combine Web forms using the Execute method, be aware that any post-back events occurring on the second Web form will clear the first Web form. For this reason, combining Web forms is mainly useful when the second Web form does not contain controls that trigger post-back events. |
| Window.Open script method | Display a page in a new browser window on the client. |
· When you create connection, adapter, and data set objects in Design mode, you enable data typing for those objects. This means that you can use the specific names from the database schema to identify tables, rows, and fields. This is a big change from
' Typed reference to the Contacts table's HomePhone column. DataSet1.Contacts.HomePhoneColumn.Caption = "@Home" ' Untyped reference to the Contacts table's HomePhone column. DataSet1.Tables("Contacts").Columns("HomePhone").Caption = "@Home
The exception to this rule occurs when you don' t know the specific object you are working with. Usually, this situation occurs when the data source is supplied at run time rather than at design time.
· Using DataReader Object
' Create a command objectDim cmdGetCalls As New SqlCommand("SELECT * FROM Calls" & " WHERE ContactID=3", ContactMgmt) ' Open the database connection. ContactMgmt.Open() ' Create a data reader object. Dim dreadCalls As SqlDataReader ' Execute the command dreadCalls = cmdGetCalls.ExecuteReader() ' Display the records. Do While dreadCalls.Read() Response.Write(dreadCalls.GetString(4)) Loop ' Close the reader dreadCalls.Close() · A transaction is a group of commands that change the data stored in a database. The transaction, which is treated as a single unit, assures that the commands are handled in an all-or-nothing fashion.
· ACID test: commands must be atomic, consistent, isolated, and durable. Commands belong in a transaction if they are:
· Atomic: In other words, they make up a single unit of work. For example, if a customer moves, you want your data entry operator to change all of the customer' s address fields as a single unit, rather than changing street, then city, then state, and so on.
· Consistent: All the relationships between data in a database are maintained correctly. For example, if customer information uses a tax rate from a state tax table, the state entered for the customer must exist in the state tax table.
· Isolated: Changes made by other clients can' t affect the current changes. For example, if two data entry operators try to make a change to the same customer at the same time, one of two things occurs: either one operator' s changes are accepted and the other is notified that the changes weren't made, or both operators are notified that their changes were not made. In either case, the customer data is not left in an indeterminate state.
· Durable: Once a change is made, it is permanent. If a system error or power failure occurs before a set of commands is complete, those commands are undone and the data is restored to its original state once the system begins running again.
· The transaction object determines how concurrent changes to a database are handled through the IsolationLevel property.
| Isolation level | Behavior |
| ReadUncommitted | Does not lock the records being read. This means that an uncommitted change can be read and then rolled back by another client, resulting in a local copy of a record that is not consistent with what is stored in the database. This is called a dirty read because the data is inconsistent. |
| Chaos | Behaves the same way as ReadUncommitted, but checks the isolation level of other pending transactions during a write operation so that transactions with more restrictive isolation levels are not overwritten. |
| ReadCommitted | Locks the records being read and immediately frees the lock as soon as the records are read. This prevents any changes from being read before they are committed, but it does not prevent records from being added, deleted, or changed by other clients during the transaction. This is the default isolation level. |
| ReapeatableRead | Locks the records being read and keeps the lock until the transaction completes. This ensures that the data being read does not change during the transaction. |
| Serializable | Locks the entire data set being read and keeps the lock until the transaction completes. This ensures that the data and its order within the database do not change during the transaction. |
· SQL database connections provide one transaction capability that is unavailable for OLE database connections: the ability to create saves points within a transaction. Save points let you restore the database state to a specific position within the current transaction. To set a save point within a SQL transaction, use the Save method:
transDelete.Save("FirstStep")
To restore a SQL transaction to a save point, specify the name of the save point in the Rollback method:
transDelete.Rollback("FirstStep") · Manage data set transactions using the Update method (of Adapter) to commit changes and the RejectChanges method (of DataSet) to undo (or roll back) changes.
· Exception Handling Events
| Event procedure | Occurs when |
| Page_Error | An unhandled exception occurs on the page. This event procedure resides in the Web form. |
| Global_Error | An unhandled exception occurs in the application. This event procedure resides in the Global.asax file. |
| Application_Error | An unhandled exception occurs in the application. This event procedure resides in the Global.asax file. |
· The Server Object's Error Handling Methods
| Server method | Use to |
| GetLastError() | Get the last exception that occurred on the server. |
| ClearError() | Clear the last exception that occurred on the server. Invoking ClearError handles the exception so it does not trigger subsequent error events or appear to the user in the browser. |
Private Sub Page_Error(ByVal sender As Object, _ ByVal e As System.EventArgs) Handles MyBase.Error ' Get error. Dim ex As Exception = Server.GetLastError() ' Store the error message. Session("Error") = ex.Message() ' Clear error. Server.ClearError() ' Redirect back to this page. Response.Redirect("ErrorEvents.aspx")End Sub · Using Page-Level Error Pages
Use the Page object' s ErrorPage attribute to display a specific page when an unhandled exception occurs on a Web form. You can use the Server object' s GetLastError and ClearError methods from the error page.
<%@ Page Language="vb" AutoEventWireup="false" Codebehind="WebForm1.aspx.vb" Inherits="vbExceptionSnippet.WebForm1" errorPage="errDefault.aspx"%> · Error pages handle exceptions that occur outside of the Web application because of Internet-related problems.
· Monitor exceptions that are handled in your application by writing messages to the trace log using the Trace object' s Write and Warn methods.
· Enable application-level tracing by setting the <trace> element' s attributes in the Web.config file.
· Enable page-level tracing by setting the Trace attribute in a Web form' s Page directive.
· Authentication is the process of identifying users. Authorization is the process of granting access to those users based on identity.
· There are three major ways to authenticate and authorize users within an ASP.NET Web application:
- Windows integrated authentication: Identifies and authorizes users based on the server' s users list. Access to resources on the server is then granted or denied based on the user account' s privileges. This works the same way as regular Windows network security.
- Forms authentication: Directs users to a logon Web form that collects user name and password information, and then authenticates the user against a user list or database that the application maintains.
- Passport authentication: Directs new users to a site hosted by Microsoft so that they can register a single user name and password that will authorize their access to multiple Web sites. Existing users are prompted for their Passport user name and password, which the application then authenticates from the Microsoft Passport user list.
NET component names come in two flavors: weak and strong. Weak names are not guaranteed to be unique and thus cannot be shared without potentially causing conflicts. Strong names are digitally signed and provide a public key that ensures there are no conflicts. Furthermore, .NET components with strong names can' t call unmanaged code (such as COM components) and thus avoid potential conflicts with dependencies. Weak-named .NET components must be individually copied to the /bin directories of the Web applications where they are used. Strong-named .NET components can be copied into the server' s global assembly cache.
The global assembly cache is a special subfolder within the Windows folder that stores the shared .NET components. When you open the folder, Windows Explorer starts a Windows shell extension called the Assembly Cache Viewer (ShFusion .dll). You can install strong-named .NET components by dragging them into the Assembly Cache Viewer, or by using the Global Assembly Cache tool (GacUtil.exe), as shown here:
GacUtil –i MyServeControls.dll · Repairing Deployed Applications
After a Web application is deployed, you can revise and repair it in place, without restarting the server or IIS.
To repair a deployed Web application, copy the new assembly (.dll) and/or content files (.aspx, .ascx, and so on) to the application folder on the server. ASP.NET automatically restarts the application when you replace the assembly; you do not need to install or register the assembly on the server.
ASP.NET Web applications also have a limited ability to repair themselves through process recycling. Process recycling is the technique of shutting down and restarting an ASP.NET worker process (aspnet_wp.exe) that has become inactive or is consuming excessive resources. You can control how ASP.NET processes are recycled through attributes in the processModel element in the Machine.config file.
· ASP.NET Web applications can store frequently requested documents in the server' s memory to speed up access to those items. Storing items in this way is called caching.
· Types Of Test
| Test type | Ensures that |
| Unit test | Each independent piece of code works correctly |
| Integration test | All units work together without errors |
| Regression test | Newly added features do not introduce errors to other features that are already working |
| Load test (also called stress test) | The product continues to work under extreme usage |
| Platform test | The product works on all of the target hardware and software platforms |
· Types Of Custom Controls
- Web user controls: These combine existing server and HTML controls by using the Visual Studio .NET Designer to create functional units that encapsulate some aspect of the user interface. User controls reside in content files, which must be included in the project where they are used.
- Composite custom controls: These create new controls from existing server and HTML controls. Though similar to user controls, composite controls are created in code rather than visually, and therefore can be compiled into an assembly (.dll), which can be shared between multiple applications and used from the Toolbox in Visual Studio .NET.
- Rendered custom controls: These create entirely new controls by rendering HTML directly rather than using composition. These controls are compiled and can be used from the Toolbox, just like composite controls, but you must write extra code to handle tasks that are performed automatically in composite controls.
· Create user controls by drawing server and HTML controls on a user control page (.ascx).
· Add a user control to a Web form by dragging the control from the Solution Explorer, rather than from the Toolbox.
· User controls must be part of the project where they are used and are initialized after their containing Web form' s Page_Load event. Use Page_PreRender event of the form to use user controls properties, methods and events.
· Create composite custom controls by defining a class derived from the WebControl base class. (System.Web.UI.WebControls.WebControl)
· Composite controls are made up of server and HTML controls added through the CreateChildControls method.
· Setting Culture in Web.config:
<globalization requestEncoding="utf-8" responseEncoding="utf-8" culture="ar-SA" /> · Glossary
Abstract Class: A class that cannot be instantiated but is used as a base from which other classes can be derived. In Microsoft Visual Basic .NET, abstract classes are declared using the MustInherit keyword. In Microsoft Visual C#, abstract classes are declared using the abstract keyword.
Abstract Member: A member of base class that cannot be invoked, but instead provides a template for members of a derived class. In Visual Basic .NET, abstract members are declared using the MustOverride keyword. In Visual C#, abstract members are declared using the abstract keyword.
ASP.NET: The portion of the Microsoft .NET Framework used to create Web applications and XML Web services. ASP.NET is an evolution of Microsoft Active Server Pages (ASP).
Assembly: The executable component of an application created using the .NET Framework. Web applications, as well as other types of .NET applications, compile their executable code into an assembly file with a .dll filename extension. The compiled code consists of IL assembly language (ILAsm), which is then compiled into its final state at run time by the common language runtime.
Authentication: The process of determining the identity of a user. In effect, authentication validates that the user is who he says he is.
Authorization: The process of granting access privileges to resources or tasks within an application. Applications typically authenticate users and then authorize them based on their identities or roles within an organization.
Behaviors Components: That encapsulates specific functionality or actions on a Web form or HTML page. When applied to a standard HTML element on a page, a behavior modifies that element' s default behavior. Behaviors are implemented as styles.
Caching: The process of storing frequently requested documents in the server' s memory to speed up access to those items. Web applications provide automatic caching features through the Microsoft FrontPage Server Extensions and manual caching features through the Cache object.
Cascading Style Sheets (CSS): Web application project files (.css) that collect and organize all of the formatting information applied to elements on a Web form or HTML page. Because they keep this information in a single location, cascading style sheets make it easy to adjust the appearance of Web applications. Web applications can have multiple style sheets and can switch style sheets at run time to dynamically change the appearance of a Web application.
Certificate Authority: An independent third-party that provides server certificates to enable secure communications across the Web through the secure sockets layer (SSL). These server certificates must be purchased and installed on your Web server to use secure sockets layer (SSL) and the HTTPS protocol.
Cookie: A small file that a Web application can write to the client' s computer. Cookies are used to identify a user in a future session or to store and retrieve information about the user' s current session.
Default Page: A page that IIS displays if the user navigates to the Web application directory without specifying a specific page to view. IIS uses the name Default.htm and Default.aspx as the default page unless you change it using the IIS property settings for the application.
Delegation: A programming technique by which a member of one class uses a member from another class to perform some task. Delegation differs from inheritance in that the first class implements a property or method and then calls (or delegates to) the other class' s property or method. The two classes do not have to be related to each other. In other words, the first class does not have to be derived from the second class.
Dirty Read: The process of reading database records without locking the records being read. This means that an uncommitted change can be read and then rolled back by another client, resulting in a local copy of a record that is not consistent with what is stored in the database.
Drivers: In the context of testing, drivers are test components that make sure two or more components work together. Drivers are necessary to test components during development when an application is being developed from the bottom up.
Global Assembly Cache (GAC): A special subfolder within the Microsoft Windows folder that stores the shared .NET assemblies. Assemblies stored in the GAC are shared with all other applications installed on the computer.
Globally Unique Identifier (GUID): A 128-bit integer that serves as a unique identifier across networks. GUIDs are used throughout Windows and the .NET Framework to identify components.
Impersonation: The process of assigning one user identity to another user. ASP.NET uses impersonation to authorize anonymous users to access resources on the Web server. By default, anonymous users impersonate the ASPNET user account.
Localization: The process of accommodating cultural differences within an application. Localized applications can support multiple languages, currencies, writing direction, and calendars based on the cultures that they support.
Scalability: The ability to add capacity to an application as user demand increases.
Secure Sockets Layer (SSL): The standard means of ensuring that data sent over the Internet cannot be read by others. When a user requests a secure Web page, the server generates an encryption key for the user' s session and then encrypts the page' s data before sending a response. On the client' s side, the browser uses that same encryption key to decrypt the requested Web page and to encrypt new requests sent from that page.
Server Certificate: A file installed through IIS that provides an encryption key for use with the secure sockets layer (SSL). Server certificates are obtained from a certificate authority, which licenses server certificates for a fee and acts as a clearinghouse to verify your server' s identity over the Internet.
Session: The sum of interaction between an instance of a client browser and a Web application. A session begins when the browser first requests a resource from within the application. A session ends either when the browser closes on the client' s machine or when the session times out after a period of inactivity. (The default is 20 minutes.)
Shadowing: The programming technique of replacing a member of a base class with a new member in a derived class. Shadowing differs from overriding in that the base class' s shadowed member is no longer available from the derived class.
Stubs: Nonfunctional components that provide the class, property, or method definition used by another component during testing. Stubs are necessary to test components during development when an application is being developed from the top down.
Subweb: A virtual folder that contains a Web site.
Superclassing The programming technique of deriving a new class from an existing class using inheritance. Superclassing generally refers to a situation in which most of the derived class' s behavior and members come directly from the base class.
Thread: The basic unit to which the server allocates processor time. A single process can have multiple threads.
Virtual Folder: A shared resource identified by an alias that represents a physical location on a server.
Web Farm: A Web application running on multiple servers.
Web Garden: A Web application running on a single server using multiple processors.
Comments